| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mystart.incredibar entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.10.2012, 11:42
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Mystart.incredibar entfernen Log ist unvollständig, die untere Zusammenfassung fehlt
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.10.2012, 17:37
| #17 |
 | Mystart.incredibar entfernen Das ist das Ergebnis das auf C: hinterlegt ist. Den Report nach dem "Skip" konnte ich, warum auch immer, nicht kopieren
__________________ ! Ich hoffe das es jetzt vollständig ist - ich möchte dich schliesslich nicht ewig nerven! Vielen Dank für deinen tollen Job - ohne dich wäre ich völlig aufgeschmissen! Code:
ATTFilter 12:04:38.0095 5836 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:04:40.0122 5836 ============================================================
12:04:40.0122 5836 Current date / time: 2012/10/22 12:04:40.0122
12:04:40.0122 5836 SystemInfo:
12:04:40.0122 5836
12:04:40.0122 5836 OS Version: 6.0.6002 ServicePack: 2.0
12:04:40.0122 5836 Product type: Workstation
12:04:40.0122 5836 ComputerName: BENUTZER-PC
12:04:40.0122 5836 UserName: Benutzer
12:04:40.0122 5836 Windows directory: C:\Windows
12:04:40.0122 5836 System windows directory: C:\Windows
12:04:40.0122 5836 Processor architecture: Intel x86
12:04:40.0122 5836 Number of processors: 2
12:04:40.0122 5836 Page size: 0x1000
12:04:40.0122 5836 Boot type: Normal boot
12:04:40.0122 5836 ============================================================
12:04:50.0905 5836 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:04:50.0920 5836 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:04:56.0490 5836 ============================================================
12:04:56.0490 5836 \Device\Harddisk0\DR0:
12:04:56.0490 5836 MBR partitions:
12:04:56.0490 5836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
12:04:56.0490 5836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x8DD8800
12:04:56.0490 5836 \Device\Harddisk1\DR1:
12:04:56.0506 5836 MBR partitions:
12:04:56.0506 5836 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
12:04:56.0506 5836 ============================================================
12:04:56.0545 5836 C: <-> \Device\Harddisk0\DR0\Partition1
12:04:56.0584 5836 D: <-> \Device\Harddisk0\DR0\Partition2
12:04:56.0600 5836 J: <-> \Device\Harddisk1\DR1\Partition1
12:04:56.0600 5836 ============================================================
12:04:56.0600 5836 Initialize success
12:04:56.0600 5836 ============================================================
12:05:38.0087 4276 ============================================================
12:05:38.0087 4276 Scan started
12:05:38.0087 4276 Mode: Manual; SigCheck; TDLFS;
12:05:38.0087 4276 ============================================================
12:05:38.0415 4276 ================ Scan system memory ========================
12:05:38.0415 4276 System memory - ok
12:05:38.0415 4276 ================ Scan services =============================
12:05:38.0650 4276 [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10 C:\Windows\system32\drivers\acedrv10.sys
12:05:38.0806 4276 acedrv10 - ok
12:05:38.0837 4276 [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10 C:\Windows\system32\drivers\acehlp10.sys
12:05:38.0868 4276 acehlp10 - ok
12:05:38.0915 4276 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:05:38.0947 4276 ACPI - ok
12:05:39.0072 4276 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:05:39.0087 4276 AdobeARMservice - ok
12:05:39.0150 4276 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:05:39.0165 4276 AdobeFlashPlayerUpdateSvc - ok
12:05:39.0212 4276 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:05:39.0243 4276 adp94xx - ok
12:05:39.0275 4276 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:05:39.0290 4276 adpahci - ok
12:05:39.0322 4276 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:05:39.0337 4276 adpu160m - ok
12:05:39.0353 4276 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:05:39.0368 4276 adpu320 - ok
12:05:39.0400 4276 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:05:39.0478 4276 AeLookupSvc - ok
12:05:39.0540 4276 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
12:05:39.0587 4276 AFD - ok
12:05:39.0618 4276 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:05:39.0634 4276 agp440 - ok
12:05:39.0665 4276 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:05:39.0681 4276 aic78xx - ok
12:05:39.0712 4276 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
12:05:39.0775 4276 ALG - ok
12:05:39.0790 4276 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
12:05:39.0806 4276 aliide - ok
12:05:39.0822 4276 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:05:39.0837 4276 amdagp - ok
12:05:39.0853 4276 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
12:05:39.0884 4276 amdide - ok
12:05:39.0884 4276 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:05:40.0040 4276 AmdK7 - ok
12:05:40.0056 4276 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:05:40.0134 4276 AmdK8 - ok
12:05:40.0181 4276 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
12:05:40.0243 4276 Appinfo - ok
12:05:40.0259 4276 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
12:05:40.0290 4276 arc - ok
12:05:40.0306 4276 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:05:40.0322 4276 arcsas - ok
12:05:40.0368 4276 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:05:40.0431 4276 AsyncMac - ok
12:05:40.0478 4276 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
12:05:40.0493 4276 atapi - ok
12:05:40.0540 4276 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:05:40.0572 4276 AudioEndpointBuilder - ok
12:05:40.0572 4276 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:05:40.0603 4276 Audiosrv - ok
12:05:40.0712 4276 [ BF3B991E0E22F9E6A82CCF6512CB51D0 ] AVKProxy C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
12:05:40.0775 4276 AVKProxy - ok
12:05:40.0822 4276 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
12:05:40.0868 4276 AVKService - ok
12:05:40.0915 4276 [ EF3F025FE3393E0A240952E025E7D30D ] AVKWCtl C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
12:05:40.0993 4276 AVKWCtl - ok
12:05:41.0040 4276 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
12:05:41.0087 4276 Beep - ok
12:05:41.0150 4276 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
12:05:41.0197 4276 BFE - ok
12:05:41.0259 4276 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
12:05:41.0306 4276 BITS - ok
12:05:41.0322 4276 blbdrive - ok
12:05:41.0353 4276 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:05:41.0384 4276 bowser - ok
12:05:41.0415 4276 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:05:41.0447 4276 BrFiltLo - ok
12:05:41.0478 4276 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:05:41.0525 4276 BrFiltUp - ok
12:05:41.0556 4276 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
12:05:41.0587 4276 Browser - ok
12:05:41.0618 4276 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\DRIVERS\BrSerId.sys
12:05:41.0681 4276 Brserid - ok
12:05:41.0681 4276 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:05:41.0743 4276 BrSerWdm - ok
12:05:41.0759 4276 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:05:41.0822 4276 BrUsbMdm - ok
12:05:41.0837 4276 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
12:05:41.0900 4276 BrUsbSer - ok
12:05:41.0962 4276 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
12:05:41.0978 4276 BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
12:05:41.0978 4276 BrYNSvc - detected UnsignedFile.Multi.Generic (1)
12:05:42.0009 4276 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:05:42.0056 4276 BTHMODEM - ok
12:05:42.0103 4276 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:05:42.0134 4276 cdfs - ok
12:05:42.0165 4276 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:05:42.0197 4276 cdrom - ok
12:05:42.0243 4276 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
12:05:42.0259 4276 CertPropSvc - ok
12:05:42.0275 4276 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
12:05:42.0337 4276 circlass - ok
12:05:42.0368 4276 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
12:05:42.0400 4276 CLFS - ok
12:05:42.0431 4276 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:42.0447 4276 clr_optimization_v2.0.50727_32 - ok
12:05:42.0525 4276 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:42.0540 4276 clr_optimization_v4.0.30319_32 - ok
12:05:42.0540 4276 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:05:42.0556 4276 cmdide - ok
12:05:42.0572 4276 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:05:42.0587 4276 Compbatt - ok
12:05:42.0603 4276 COMSysApp - ok
12:05:42.0618 4276 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:05:42.0634 4276 crcdisk - ok
12:05:42.0650 4276 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:05:42.0712 4276 Crusoe - ok
12:05:42.0759 4276 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:05:42.0790 4276 CryptSvc - ok
12:05:42.0853 4276 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:05:42.0900 4276 DcomLaunch - ok
12:05:42.0931 4276 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:05:42.0962 4276 DfsC - ok
12:05:43.0040 4276 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:05:43.0150 4276 DFSR - ok
12:05:43.0212 4276 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:05:43.0243 4276 Dhcp - ok
12:05:43.0290 4276 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:05:43.0306 4276 disk - ok
12:05:43.0337 4276 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:05:43.0368 4276 Dnscache - ok
12:05:43.0415 4276 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:05:43.0447 4276 dot3svc - ok
12:05:43.0493 4276 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:05:43.0540 4276 DPS - ok
12:05:43.0572 4276 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:05:43.0603 4276 drmkaud - ok
12:05:43.0650 4276 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:05:43.0697 4276 DXGKrnl - ok
12:05:43.0728 4276 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:05:43.0790 4276 E1G60 - ok
12:05:43.0822 4276 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:05:43.0868 4276 EapHost - ok
12:05:43.0915 4276 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:05:43.0931 4276 Ecache - ok
12:05:43.0947 4276 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:05:43.0962 4276 elxstor - ok
12:05:44.0025 4276 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:05:44.0072 4276 EMDMgmt - ok
12:05:44.0118 4276 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:05:44.0165 4276 EventSystem - ok
12:05:44.0212 4276 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:05:44.0259 4276 exfat - ok
12:05:44.0290 4276 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:05:44.0322 4276 fastfat - ok
12:05:44.0337 4276 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:05:44.0400 4276 fdc - ok
12:05:44.0415 4276 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:05:44.0447 4276 fdPHost - ok
12:05:44.0462 4276 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:05:44.0525 4276 FDResPub - ok
12:05:44.0540 4276 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:05:44.0556 4276 FileInfo - ok
12:05:44.0572 4276 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:05:44.0634 4276 Filetrace - ok
12:05:44.0650 4276 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:05:44.0712 4276 flpydisk - ok
12:05:44.0728 4276 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:05:44.0759 4276 FltMgr - ok
12:05:44.0822 4276 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
12:05:44.0884 4276 FontCache - ok
12:05:44.0915 4276 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:05:44.0931 4276 FontCache3.0.0.0 - ok
12:05:44.0962 4276 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:05:44.0993 4276 Fs_Rec - ok
12:05:45.0009 4276 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:05:45.0025 4276 gagp30kx - ok
12:05:45.0056 4276 [ 7094E1D622491D2FD34558ADAC80321C ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
12:05:45.0072 4276 GDBehave - ok
12:05:45.0165 4276 [ 1AF3FA6702A67BD7F821532D9A62EC59 ] GDFwSvc C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
12:05:45.0243 4276 GDFwSvc - ok
12:05:45.0275 4276 [ 08204492943D2CFAE0D9F1FDAB5D38AE ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
12:05:45.0290 4276 GDMnIcpt - ok
12:05:45.0322 4276 [ BA3C7729FF3E55AD2DBBC7AC01A19465 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
12:05:45.0337 4276 GDPkIcpt - ok
12:05:45.0368 4276 [ B7D4DF09A86A5DC98F74A2FA2875C154 ] GDScan C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
12:05:45.0415 4276 GDScan - ok
12:05:45.0447 4276 [ BF2749B55175E423BDA67C8CF1CCBEF0 ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd32.sys
12:05:45.0478 4276 gdwfpcd - ok
12:05:45.0509 4276 [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:05:45.0525 4276 GEARAspiWDM - ok
12:05:45.0572 4276 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:05:45.0634 4276 gpsvc - ok
12:05:45.0728 4276 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:05:45.0743 4276 gupdate - ok
12:05:45.0743 4276 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:05:45.0759 4276 gupdatem - ok
12:05:45.0806 4276 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:05:45.0868 4276 HdAudAddService - ok
12:05:45.0900 4276 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:05:45.0947 4276 HDAudBus - ok
12:05:45.0978 4276 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:05:46.0025 4276 HidBth - ok
12:05:46.0025 4276 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:05:46.0072 4276 HidIr - ok
12:05:46.0087 4276 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
12:05:46.0118 4276 hidserv - ok
12:05:46.0165 4276 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:05:46.0212 4276 HidUsb - ok
12:05:46.0243 4276 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:05:46.0275 4276 hkmsvc - ok
12:05:46.0306 4276 [ A3D1EE9B310ED1FE6136FEC4E0DEA366 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
12:05:46.0322 4276 HookCentre - ok
12:05:46.0337 4276 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:05:46.0353 4276 HpCISSs - ok
12:05:46.0400 4276 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:05:46.0462 4276 HTTP - ok
12:05:46.0478 4276 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:05:46.0493 4276 i2omp - ok
12:05:46.0556 4276 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:05:46.0587 4276 i8042prt - ok
12:05:46.0665 4276 [ 9378D57E2B96C0A185D844770AD49948 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
12:05:46.0790 4276 ialm - ok
12:05:46.0837 4276 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:05:46.0853 4276 iaStorV - ok
12:05:46.0915 4276 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:05:46.0931 4276 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:05:46.0931 4276 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:05:46.0993 4276 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:05:47.0040 4276 idsvc - ok
12:05:47.0118 4276 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:05:47.0181 4276 igfx - ok
12:05:47.0212 4276 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:05:47.0228 4276 iirsp - ok
12:05:47.0275 4276 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:05:47.0322 4276 IKEEXT - ok
12:05:47.0400 4276 [ 4E38A2883DF3BA382A59132B3E7D709E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:05:47.0478 4276 IntcAzAudAddService - ok
12:05:47.0525 4276 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
12:05:47.0540 4276 intelide - ok
12:05:47.0556 4276 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:05:47.0587 4276 intelppm - ok
12:05:47.0634 4276 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:05:47.0665 4276 IPBusEnum - ok
12:05:47.0681 4276 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:05:47.0712 4276 IpFilterDriver - ok
12:05:47.0759 4276 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:05:47.0775 4276 iphlpsvc - ok
12:05:47.0790 4276 IpInIp - ok
12:05:47.0822 4276 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:05:47.0868 4276 IPMIDRV - ok
12:05:47.0900 4276 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:05:47.0931 4276 IPNAT - ok
12:05:47.0947 4276 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:05:47.0993 4276 IRENUM - ok
12:05:48.0025 4276 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:05:48.0040 4276 isapnp - ok
12:05:48.0056 4276 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:05:48.0072 4276 iScsiPrt - ok
12:05:48.0087 4276 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:05:48.0103 4276 iteatapi - ok
12:05:48.0134 4276 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:05:48.0134 4276 iteraid - ok
12:05:48.0181 4276 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:05:48.0197 4276 kbdclass - ok
12:05:48.0212 4276 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:05:48.0275 4276 kbdhid - ok
12:05:48.0306 4276 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:05:48.0337 4276 KeyIso - ok
12:05:48.0384 4276 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:05:48.0415 4276 KSecDD - ok
12:05:48.0462 4276 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:05:48.0525 4276 KtmRm - ok
12:05:48.0572 4276 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
12:05:48.0603 4276 LanmanServer - ok
12:05:48.0665 4276 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:05:48.0681 4276 LanmanWorkstation - ok
12:05:48.0759 4276 [ F34B35F6F74E28A460749DA11D1117F8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:05:48.0775 4276 LightScribeService - ok
12:05:48.0806 4276 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:05:48.0853 4276 lltdio - ok
12:05:48.0868 4276 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:05:48.0915 4276 lltdsvc - ok
12:05:48.0931 4276 lmab_device - ok
12:05:48.0962 4276 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:05:49.0025 4276 lmhosts - ok
12:05:49.0056 4276 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:05:49.0072 4276 LSI_FC - ok
12:05:49.0087 4276 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:05:49.0103 4276 LSI_SAS - ok
12:05:49.0118 4276 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:05:49.0134 4276 LSI_SCSI - ok
12:05:49.0165 4276 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:05:49.0212 4276 luafv - ok
12:05:49.0243 4276 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:05:49.0259 4276 MBAMProtector - ok
12:05:49.0322 4276 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:05:49.0353 4276 MBAMScheduler - ok
12:05:49.0384 4276 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:05:49.0431 4276 MBAMService - ok
12:05:49.0462 4276 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
12:05:49.0478 4276 megasas - ok
12:05:49.0509 4276 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:05:49.0540 4276 MMCSS - ok
12:05:49.0556 4276 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:05:49.0603 4276 Modem - ok
12:05:49.0634 4276 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:05:49.0697 4276 monitor - ok
12:05:49.0728 4276 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:05:49.0743 4276 mouclass - ok
12:05:49.0759 4276 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:05:49.0806 4276 mouhid - ok
12:05:49.0822 4276 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:05:49.0837 4276 MountMgr - ok
12:05:49.0884 4276 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:05:49.0900 4276 MozillaMaintenance - ok
12:05:49.0931 4276 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
12:05:49.0947 4276 mpio - ok
12:05:49.0962 4276 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:05:49.0993 4276 mpsdrv - ok
12:05:50.0040 4276 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:05:50.0072 4276 MpsSvc - ok
12:05:50.0087 4276 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:05:50.0103 4276 Mraid35x - ok
12:05:50.0134 4276 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:05:50.0181 4276 MRxDAV - ok
12:05:50.0228 4276 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:05:50.0243 4276 mrxsmb - ok
12:05:50.0275 4276 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:05:50.0306 4276 mrxsmb10 - ok
12:05:50.0322 4276 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:05:50.0353 4276 mrxsmb20 - ok
12:05:50.0368 4276 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
12:05:50.0384 4276 msahci - ok
12:05:50.0400 4276 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:05:50.0415 4276 msdsm - ok
12:05:50.0447 4276 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:05:50.0478 4276 MSDTC - ok
12:05:50.0493 4276 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:05:50.0540 4276 Msfs - ok
12:05:50.0572 4276 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:05:50.0587 4276 msisadrv - ok
12:05:50.0618 4276 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:05:50.0650 4276 MSiSCSI - ok
12:05:50.0650 4276 msiserver - ok
12:05:50.0697 4276 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:05:50.0743 4276 MSKSSRV - ok
12:05:50.0759 4276 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:05:50.0806 4276 MSPCLOCK - ok
12:05:50.0822 4276 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:05:50.0853 4276 MSPQM - ok
12:05:50.0884 4276 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:05:50.0915 4276 MsRPC - ok
12:05:50.0915 4276 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:05:50.0931 4276 mssmbios - ok
12:05:50.0947 4276 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:05:50.0993 4276 MSTEE - ok
12:05:51.0025 4276 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:05:51.0040 4276 Mup - ok
12:05:51.0072 4276 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:05:51.0103 4276 napagent - ok
12:05:51.0134 4276 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:05:51.0165 4276 NativeWifiP - ok
12:05:51.0228 4276 [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
12:05:51.0259 4276 NBService - ok
12:05:51.0353 4276 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:05:51.0384 4276 NDIS - ok
12:05:51.0400 4276 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:05:51.0431 4276 NdisTapi - ok
12:05:51.0462 4276 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:05:51.0509 4276 Ndisuio - ok
12:05:51.0540 4276 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:05:51.0572 4276 NdisWan - ok
12:05:51.0587 4276 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:05:51.0618 4276 NDProxy - ok
12:05:51.0618 4276 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:05:51.0665 4276 NetBIOS - ok
12:05:51.0697 4276 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:05:51.0743 4276 netbt - ok
12:05:51.0759 4276 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:05:51.0775 4276 Netlogon - ok
12:05:51.0790 4276 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:05:51.0837 4276 Netman - ok
12:05:51.0853 4276 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:05:51.0884 4276 netprofm - ok
12:05:51.0931 4276 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:05:51.0947 4276 NetTcpPortSharing - ok
12:05:51.0978 4276 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:05:51.0978 4276 nfrd960 - ok
12:05:52.0072 4276 [ 30C11D08FD85A60825F2D1912E29C5A4 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
12:05:52.0087 4276 NitroReaderDriverReadSpool2 - ok
12:05:52.0103 4276 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:05:52.0150 4276 NlaSvc - ok
12:05:52.0212 4276 [ 060DAF68493AD7ADF104413E5A62AFA8 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
12:05:52.0228 4276 NMIndexingService - ok
12:05:52.0275 4276 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:05:52.0306 4276 Npfs - ok
12:05:52.0322 4276 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:05:52.0368 4276 nsi - ok
12:05:52.0384 4276 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:05:52.0415 4276 nsiproxy - ok
12:05:52.0462 4276 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:05:52.0509 4276 Ntfs - ok
12:05:52.0540 4276 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:05:52.0587 4276 ntrigdigi - ok
12:05:52.0618 4276 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:05:52.0650 4276 Null - ok
12:05:52.0650 4276 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:05:52.0665 4276 nvraid - ok
12:05:52.0697 4276 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:05:52.0697 4276 nvstor - ok
12:05:52.0728 4276 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:05:52.0743 4276 nv_agp - ok
12:05:52.0743 4276 NwlnkFlt - ok
12:05:52.0759 4276 NwlnkFwd - ok
12:05:52.0837 4276 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:05:52.0853 4276 odserv - ok
12:05:52.0884 4276 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:05:52.0931 4276 ohci1394 - ok
12:05:52.0962 4276 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:05:52.0978 4276 ose - ok
12:05:53.0009 4276 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:05:53.0087 4276 p2pimsvc - ok
12:05:53.0103 4276 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:05:53.0150 4276 p2psvc - ok
12:05:53.0181 4276 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:05:53.0212 4276 Parport - ok
12:05:53.0243 4276 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:05:53.0275 4276 partmgr - ok
12:05:53.0275 4276 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:05:53.0306 4276 Parvdm - ok
12:05:53.0337 4276 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:05:53.0368 4276 PcaSvc - ok
12:05:53.0400 4276 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:05:53.0415 4276 pci - ok
12:05:53.0462 4276 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
12:05:53.0462 4276 pciide - ok
12:05:53.0493 4276 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:05:53.0509 4276 pcmcia - ok
12:05:53.0556 4276 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
12:05:53.0572 4276 PDFProFiltSrvPP - ok
12:05:53.0618 4276 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:05:53.0728 4276 PEAUTH - ok
12:05:53.0822 4276 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:05:53.0900 4276 pla - ok
12:05:53.0947 4276 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:05:53.0993 4276 PlugPlay - ok
12:05:54.0009 4276 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:05:54.0056 4276 PNRPAutoReg - ok
12:05:54.0072 4276 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:05:54.0103 4276 PNRPsvc - ok
12:05:54.0150 4276 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:05:54.0197 4276 PolicyAgent - ok
12:05:54.0228 4276 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:05:54.0275 4276 PptpMiniport - ok
12:05:54.0290 4276 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
12:05:54.0353 4276 Processor - ok
12:05:54.0368 4276 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:05:54.0384 4276 ProfSvc - ok
12:05:54.0400 4276 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:05:54.0415 4276 ProtectedStorage - ok
12:05:54.0447 4276 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:05:54.0478 4276 PSched - ok
12:05:54.0509 4276 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:05:54.0572 4276 ql2300 - ok
12:05:54.0587 4276 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:05:54.0603 4276 ql40xx - ok
12:05:54.0634 4276 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:05:54.0665 4276 QWAVE - ok
12:05:54.0681 4276 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:05:54.0712 4276 QWAVEdrv - ok
12:05:54.0712 4276 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:05:54.0759 4276 RasAcd - ok
12:05:54.0775 4276 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:05:54.0806 4276 RasAuto - ok
12:05:54.0837 4276 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:05:54.0884 4276 Rasl2tp - ok
12:05:54.0915 4276 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:05:54.0947 4276 RasMan - ok
12:05:54.0978 4276 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:05:55.0009 4276 RasPppoe - ok
12:05:55.0056 4276 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:05:55.0087 4276 RasSstp - ok
12:05:55.0118 4276 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:05:55.0150 4276 rdbss - ok
12:05:55.0165 4276 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:55.0212 4276 RDPCDD - ok
12:05:55.0228 4276 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:05:55.0290 4276 rdpdr - ok
12:05:55.0290 4276 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:05:55.0337 4276 RDPENCDD - ok
12:05:55.0368 4276 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:05:55.0415 4276 RDPWD - ok
12:05:55.0462 4276 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:05:55.0509 4276 RemoteAccess - ok
12:05:55.0540 4276 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:05:55.0572 4276 RemoteRegistry - ok
12:05:55.0587 4276 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:05:55.0618 4276 RpcLocator - ok
12:05:55.0634 4276 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:05:55.0681 4276 RpcSs - ok
12:05:55.0712 4276 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:05:55.0743 4276 rspndr - ok
12:05:55.0775 4276 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
12:05:55.0837 4276 RTL8169 - ok
12:05:55.0837 4276 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:05:55.0868 4276 SamSs - ok
12:05:55.0884 4276 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:05:55.0900 4276 sbp2port - ok
12:05:55.0947 4276 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:05:55.0993 4276 SCardSvr - ok
12:05:56.0025 4276 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:05:56.0072 4276 Schedule - ok
12:05:56.0087 4276 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:05:56.0118 4276 SCPolicySvc - ok
12:05:56.0134 4276 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:05:56.0181 4276 SDRSVC - ok
12:05:56.0197 4276 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:05:56.0259 4276 secdrv - ok
12:05:56.0290 4276 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:05:56.0322 4276 seclogon - ok
12:05:56.0368 4276 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:05:56.0400 4276 SENS - ok
12:05:56.0415 4276 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:05:56.0447 4276 Serenum - ok
12:05:56.0478 4276 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:05:56.0525 4276 Serial - ok
12:05:56.0540 4276 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:05:56.0572 4276 sermouse - ok
12:05:56.0618 4276 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:05:56.0650 4276 SessionEnv - ok
12:05:56.0665 4276 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:05:56.0712 4276 sffdisk - ok
12:05:56.0712 4276 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:05:56.0790 4276 sffp_mmc - ok
12:05:56.0806 4276 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:05:56.0853 4276 sffp_sd - ok
12:05:56.0884 4276 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:05:56.0931 4276 sfloppy - ok
12:05:56.0962 4276 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:05:57.0009 4276 SharedAccess - ok
12:05:57.0056 4276 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:05:57.0087 4276 ShellHWDetection - ok
12:05:57.0103 4276 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:05:57.0118 4276 sisagp - ok
12:05:57.0134 4276 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:05:57.0150 4276 SiSRaid2 - ok
12:05:57.0165 4276 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:05:57.0181 4276 SiSRaid4 - ok
12:05:57.0243 4276 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:05:57.0243 4276 SkypeUpdate - ok
12:05:57.0353 4276 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:05:57.0447 4276 slsvc - ok
12:05:57.0462 4276 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:05:57.0493 4276 SLUINotify - ok
12:05:57.0525 4276 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:05:57.0556 4276 Smb - ok
12:05:57.0587 4276 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:05:57.0603 4276 SNMPTRAP - ok
12:05:57.0634 4276 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:05:57.0650 4276 spldr - ok
12:05:57.0697 4276 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:05:57.0728 4276 Spooler - ok
12:05:57.0759 4276 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:05:57.0822 4276 srv - ok
12:05:57.0853 4276 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:05:57.0884 4276 srv2 - ok
12:05:57.0915 4276 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:05:57.0947 4276 srvnet - ok
12:05:57.0978 4276 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:05:58.0009 4276 SSDPSRV - ok
12:05:58.0040 4276 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:05:58.0072 4276 SstpSvc - ok
12:05:58.0103 4276 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:05:58.0134 4276 StillCam - ok
12:05:58.0165 4276 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:05:58.0197 4276 stisvc - ok
12:05:58.0228 4276 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:05:58.0243 4276 swenum - ok
12:05:58.0275 4276 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:05:58.0306 4276 swprv - ok
12:05:58.0353 4276 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:05:58.0368 4276 Symc8xx - ok
12:05:58.0384 4276 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:05:58.0400 4276 Sym_hi - ok
12:05:58.0415 4276 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:05:58.0431 4276 Sym_u3 - ok
12:05:58.0478 4276 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:05:58.0525 4276 SysMain - ok
12:05:58.0540 4276 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:05:58.0572 4276 TabletInputService - ok
12:05:58.0618 4276 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:05:58.0634 4276 TapiSrv - ok
12:05:58.0665 4276 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:05:58.0697 4276 TBS - ok
12:05:58.0759 4276 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:05:58.0790 4276 Tcpip - ok
12:05:58.0822 4276 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:05:58.0853 4276 Tcpip6 - ok
12:05:58.0915 4276 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:05:58.0947 4276 tcpipreg - ok
12:05:58.0962 4276 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:05:58.0993 4276 TDPIPE - ok
12:05:59.0009 4276 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:05:59.0040 4276 TDTCP - ok
12:05:59.0056 4276 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:05:59.0087 4276 tdx - ok
12:05:59.0103 4276 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:05:59.0118 4276 TermDD - ok
12:05:59.0150 4276 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:05:59.0197 4276 TermService - ok
12:05:59.0228 4276 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:05:59.0243 4276 Themes - ok
12:05:59.0243 4276 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:05:59.0275 4276 THREADORDER - ok
12:05:59.0306 4276 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:05:59.0337 4276 TrkWks - ok
12:05:59.0400 4276 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:05:59.0431 4276 TrustedInstaller - ok
12:05:59.0462 4276 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:05:59.0493 4276 tssecsrv - ok
12:05:59.0525 4276 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:05:59.0556 4276 tunmp - ok
12:05:59.0587 4276 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:05:59.0603 4276 tunnel - ok
12:05:59.0634 4276 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:05:59.0650 4276 uagp35 - ok
12:05:59.0697 4276 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:05:59.0728 4276 udfs - ok
12:05:59.0759 4276 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:05:59.0806 4276 UI0Detect - ok
12:05:59.0806 4276 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:05:59.0837 4276 uliagpkx - ok
12:05:59.0853 4276 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:05:59.0868 4276 uliahci - ok
12:05:59.0884 4276 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:05:59.0900 4276 UlSata - ok
12:05:59.0915 4276 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:05:59.0947 4276 ulsata2 - ok
12:05:59.0978 4276 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:06:00.0009 4276 umbus - ok
12:06:00.0056 4276 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:06:00.0103 4276 upnphost - ok
12:06:00.0134 4276 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:00.0165 4276 usbccgp - ok
12:06:00.0181 4276 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:06:00.0228 4276 usbcir - ok
12:06:00.0259 4276 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:06:00.0275 4276 usbehci - ok
12:06:00.0337 4276 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:06:00.0384 4276 usbhub - ok
12:06:00.0400 4276 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:06:00.0447 4276 usbohci - ok
12:06:00.0493 4276 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:06:00.0540 4276 usbprint - ok
12:06:00.0572 4276 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:06:00.0603 4276 usbscan - ok
12:06:00.0634 4276 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:00.0650 4276 USBSTOR - ok
12:06:00.0681 4276 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:06:00.0712 4276 usbuhci - ok
12:06:00.0743 4276 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:06:00.0759 4276 UxSms - ok
12:06:00.0868 4276 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:06:00.0915 4276 vds - ok
12:06:00.0947 4276 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:00.0993 4276 vga - ok
12:06:01.0009 4276 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:06:01.0056 4276 VgaSave - ok
12:06:01.0072 4276 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:06:01.0103 4276 viaagp - ok
12:06:01.0118 4276 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:06:01.0165 4276 ViaC7 - ok
12:06:01.0181 4276 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
12:06:01.0197 4276 viaide - ok
12:06:01.0212 4276 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:06:01.0228 4276 volmgr - ok
12:06:01.0275 4276 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:06:01.0306 4276 volmgrx - ok
12:06:01.0337 4276 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:06:01.0368 4276 volsnap - ok
12:06:01.0384 4276 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:06:01.0400 4276 vsmraid - ok
12:06:01.0462 4276 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:06:01.0540 4276 VSS - ok
12:06:01.0572 4276 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:06:01.0618 4276 W32Time - ok
12:06:01.0634 4276 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:06:01.0681 4276 WacomPen - ok
12:06:01.0712 4276 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:06:01.0743 4276 Wanarp - ok
12:06:01.0743 4276 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:06:01.0775 4276 Wanarpv6 - ok
12:06:01.0822 4276 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:06:01.0868 4276 wcncsvc - ok
12:06:01.0884 4276 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:06:01.0915 4276 WcsPlugInService - ok
12:06:01.0947 4276 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
12:06:01.0962 4276 Wd - ok
12:06:01.0978 4276 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:06:02.0009 4276 Wdf01000 - ok
12:06:02.0025 4276 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:06:02.0056 4276 WdiServiceHost - ok
12:06:02.0072 4276 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:06:02.0103 4276 WdiSystemHost - ok
12:06:02.0150 4276 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:06:02.0181 4276 WebClient - ok
12:06:02.0228 4276 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:06:02.0275 4276 Wecsvc - ok
12:06:02.0306 4276 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:06:02.0337 4276 wercplsupport - ok
12:06:02.0368 4276 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:06:02.0400 4276 WerSvc - ok
12:06:02.0478 4276 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:06:02.0493 4276 WinDefend - ok
12:06:02.0509 4276 WinHttpAutoProxySvc - ok
12:06:02.0603 4276 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:06:02.0634 4276 Winmgmt - ok
12:06:02.0759 4276 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:06:02.0868 4276 WinRM - ok
12:06:02.0978 4276 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:06:03.0056 4276 Wlansvc - ok
12:06:03.0087 4276 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:06:03.0134 4276 WmiAcpi - ok
12:06:03.0181 4276 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:06:03.0212 4276 wmiApSrv - ok
12:06:03.0572 4276 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:06:03.0712 4276 WMPNetworkSvc - ok
12:06:03.0775 4276 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:06:03.0853 4276 WPCSvc - ok
12:06:03.0900 4276 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:06:03.0947 4276 WPDBusEnum - ok
12:06:03.0993 4276 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:06:04.0009 4276 WpdUsb - ok
12:06:04.0134 4276 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:06:04.0165 4276 WPFFontCache_v0400 - ok
12:06:04.0197 4276 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:06:04.0243 4276 ws2ifsl - ok
12:06:04.0275 4276 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
12:06:04.0306 4276 wscsvc - ok
12:06:04.0337 4276 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:06:04.0368 4276 WSDPrintDevice - ok
12:06:04.0368 4276 WSearch - ok
12:06:04.0447 4276 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:06:04.0509 4276 wuauserv - ok
12:06:04.0556 4276 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:04.0587 4276 WUDFRd - ok
12:06:04.0603 4276 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:06:04.0634 4276 wudfsvc - ok
12:06:04.0650 4276 ================ Scan global ===============================
12:06:04.0681 4276 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:06:04.0712 4276 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:04.0728 4276 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:04.0775 4276 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:06:04.0775 4276 [Global] - ok
12:06:04.0775 4276 ================ Scan MBR ==================================
12:06:04.0790 4276 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:06:05.0056 4276 \Device\Harddisk0\DR0 - ok
12:06:05.0056 4276 [ 8FF255184F078C9C04E6A2CE66117C5C ] \Device\Harddisk1\DR1
12:06:05.0540 4276 \Device\Harddisk1\DR1 - ok
12:06:05.0540 4276 ================ Scan VBR ==================================
12:06:05.0556 4276 [ 2E8B2EDCB2FFC4A29D9A8EDE36D1D45E ] \Device\Harddisk0\DR0\Partition1
12:06:05.0556 4276 \Device\Harddisk0\DR0\Partition1 - ok
12:06:05.0572 4276 [ 6A7E02BD787FD688D5FAB97EF0260448 ] \Device\Harddisk0\DR0\Partition2
12:06:05.0572 4276 \Device\Harddisk0\DR0\Partition2 - ok
12:06:05.0572 4276 [ C3BAF05D0262E40C9E5704A7C3AB560E ] \Device\Harddisk1\DR1\Partition1
12:06:05.0587 4276 \Device\Harddisk1\DR1\Partition1 - ok
12:06:05.0587 4276 ============================================================
12:06:05.0587 4276 Scan finished
12:06:05.0587 4276 ============================================================
12:06:05.0603 4828 Detected object count: 2
12:06:05.0603 4828 Actual detected object count: 2
12:08:28.0614 4828 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:28.0614 4828 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:28.0614 4828 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:28.0614 4828 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:44:13.0943 7604 Deinitialize success
|
|
22.10.2012, 20:25
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mystart.incredibar entfernen Ist unauffällig
__________________Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ |
|
23.10.2012, 17:02
| #19 |
| | Mystart.incredibar entfernen Hier schon mal das Ergebnis von GMER. Ich bin mir aber nicht sicher ob der Scan tatsächlich komplett war oder ob das Tool auch beim zweiten Mal hängengeblieben ist  .Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-23 17:57:27
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 SAMSUNG_HD161HJ rev.JF100-19
Running: jq0hvud3.exe; Driver: C:\Users\Benutzer\AppData\Local\Temp\kwldikog.sys
---- Kernel code sections - GMER 1.0.15 ----
.reloc C:\Windows\system32\drivers\acehlp10.sys section is executable [0x88176B80, 0x37FC7, 0xE0000060]
.reloc C:\Windows\system32\drivers\acedrv10.sys section is executable [0x80F04000, 0x459C1, 0xE0000060]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Und hier das Ergebnis von OSAM: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:22:10 on 23.10.2012 OS: Windows Vista Home Basic Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 16.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DDBACCPL.CPL" - "DataDesign AG" - C:\Windows\system32\DDBACCPL.CPL "DDBACCTM.CPL" - "DataDesign AG" - C:\Windows\system32\DDBACCTM.CPL "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "acedrv10" (acedrv10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv10.sys "acehlp10" (acehlp10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acehlp10.sys "G Data WFP CD" (gdwfpcd) - "G Data Software AG" - C:\Windows\System32\drivers\gdwfpcd32.sys "GDBehave" (GDBehave) - "G Data Software AG" - C:\Windows\System32\drivers\GDBehave.sys "GDMnIcpt" (GDMnIcpt) - "G Data Software AG" - C:\Windows\system32\drivers\MiniIcpt.sys "GDPkIcpt" (GDPkIcpt) - "G Data Software AG" - C:\Windows\system32\drivers\PktIcpt.sys "GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\Drivers\GEARAspiWDM.sys "HookCentre" (HookCentre) - "G Data Software AG" - C:\Windows\system32\drivers\HookCentre.sys "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kwldikog" (kwldikog) - ? - C:\Users\Benutzer\AppData\Local\Temp\kwldikog.sys (Hidden registry entry, rootkit activity | File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} "G Data BankGuard" - "G Data Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\BanksafeBHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll {551A852F-39A6-44A7-9C13-AFBEC9185A9D} "PlusIEEventHelper Class" - "Zeon Corporation" - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {0124123D-61B4-456f-AF86-78C53A0790C5} "{0124123D-61B4-456f-AF86-78C53A0790C5}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "BackupServiceHomeRun" - "Alexander Seeliger Software" - C:\Program Files\Backup Service Home\Backup Service Home.exe "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "ISUSPM" - "Acresso Corporation" - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler "LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "Scan Buttons" - "NewSoft Technology Corporation" - C:\Program Files\Lexmark Applications\PageManager\Pmsb.exe "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BrStsMon00" - "Brother Industries, Ltd." - C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN "ControlCenter4" - "Brother Industries, Ltd." - C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun "G Data AntiVirus Tray Application" - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe "GDFirewallTray" - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe "HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe "IndexSearch" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\IndexSearch.exe" "LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart "NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe "PaperPort PTD" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\pptd40nt.exe" "PDF5 Registry Controller" - "Nuance Communications, Inc." - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe "PDFHook" - "Nuance Communications, Inc." - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe "PPort12reminder" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "WrtMon.exe" - ? - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "LIDIL hpzll5ha" - "Hewlett-Packard Company" - C:\Windows\system32\hpzll5ha.dll "Nitro PDF Port Monitor" - "Nitro PDF Software" - C:\Windows\system32\nitrolocalmon2.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "BrYNSvc" (BrYNSvc) - "Brother Industries, Ltd." - C:\Program Files\Browny02\BrYNSvc.exe "G Data AntiVirus Proxy" (AVKProxy) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe "G Data Dateisystem Wächter" (AVKWCtl) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe "G Data Personal Firewall" (GDFwSvc) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe "G Data Scanner" (GDScan) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe "G Data Scheduler" (AVKService) - "G Data Software AG" - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe "lmab_device" (lmab_device) - ? - C:\Windows\system32\LMabcoms.exe -service (File not found) "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe "NitroPDFReaderDriverCreatorReadSpool2" (NitroReaderDriverReadSpool2) - "Nitro PDF Software" - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "PDFProFiltSrvPP" (PDFProFiltSrvPP) - "Nuance Communications, Inc." - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-23 20:56:31
-----------------------------
20:56:31.072 OS Version: Windows 6.0.6002 Service Pack 2
20:56:31.072 Number of processors: 2 586 0xF0D
20:56:31.150 ComputerName: BENUTZER-PC UserName: Benutzer
20:56:31.697 Initialize success
20:56:47.369 AVAST engine defs: 12102300
20:57:07.916 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:57:07.916 Disk 0 Vendor: SAMSUNG_HD161HJ JF100-19 Size: 152627MB BusType: 3
20:57:08.369 Disk 0 MBR read successfully
20:57:08.369 Disk 0 MBR scan
20:57:08.432 Disk 0 Windows VISTA default MBR code
20:57:08.541 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 80000 MB offset 2048
20:57:08.650 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 72625 MB offset 163842048
20:57:08.963 Disk 0 scanning sectors +312578048
20:57:09.557 Disk 0 scanning C:\Windows\system32\drivers
20:58:43.322 Service scanning
20:59:21.791 Modules scanning
21:01:14.010 Disk 0 trace - called modules:
21:01:14.025 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll intelide.sys PCIIDEX.SYS atapi.sys
21:01:14.525 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x848262c8]
21:01:14.525 3 CLASSPNP.SYS[8804a8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x845f2030]
21:01:14.525 Scan finished successfully
21:23:22.838 Disk 0 MBR has been saved successfully to "C:\Users\Benutzer\Desktop\MBR.dat"
21:23:22.854 The log file has been saved successfully to "C:\Users\Benutzer\Desktop\aswMBR.txt"
Geändert von smiley1 (23.10.2012 um 17:24 Uhr) |
|
23.10.2012, 20:54
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mystart.incredibar entfernen Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Scans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.10.2012, 20:11
| #21 | |
| | Mystart.incredibar entfernenZitat:
 Hier schon mal Malwarebytes Quickscan: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.24.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19328 Benutzer :: BENUTZER-PC [Administrator] Schutz: Aktiviert 24.10.2012 20:58:39 mbam-log-2012-10-24 (20-58-39).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 194453 Laufzeit: 5 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende)  . Ich habe den ersten Scan unterbrochen weil ich die Scann Optionen nicht geändert hatte. Dann habe ich den Scan mit den entsprechenden Scann Optionen neu gestartet und das system hat auch 2 Fehler (adware) gefunden - in dem Log steht aber nichts davon? Code:
ATTFilter SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com
Generiert 10/24/2012 bei 09:22 PM
Version der Applikation : 5.6.1012
Version der Kern-Datenbank : 9466
Version der Spur-Datenbank : 7278
Scan Art : kompletter Scann
Totale Scann-Zeit : 00:01:23
Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator
Gescannte Speicherelemente : 105
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 29978
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 3680
Erfasste Datei-Elemente : 0
|
|
28.10.2012, 11:05
| #22 |
| | Mystart.incredibar entfernen Hallo Cosinus - kannst du bei Gelegenheit nochmal nen Blick auf die letzten Logs werfen! |
|
28.10.2012, 12:26
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mystart.incredibar entfernen Keine Funde! Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2012, 16:48
| #24 |
| | Mystart.incredibar entfernen Mein System scheint in Ordnung zu sein, keinerlei Funde und auch keine weiteren Probleme.  Vielen lieben Dank für deine Unterstützung, Hilfe und Tipps - ohne dich wäre ich wirklich "verloren" gewesen! Jetzt brauche ich nur noch ne kurze Info wegen dem deinstallieren der Programme: SuperAntispyware - Sasuninst.exe meldet dann irgendwas von Computer rebooten ist das ok? Und die anderen Programme falls ich die überhaupt deinstallieren soll oder ist es sinnvoll die auf dem Rechner zu lassen!? Kann ich zum deinstallieren ganz normal über die Systemsteuerung von Windows gehen? Es geht um: GMER, OSAM, TDSS-Killer, OTL, Malwarebytes, ESET, adwCleaner Danke dir nochmal und nen schönen Restsonntag noch - bald hast du "erstmal" Ruhe vor mir.  |
|
28.10.2012, 17:25
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mystart.incredibar entfernen Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Scan machen, aber immer vorher ans Update denken. Es empfiehlt sich auf jeden Fall nach der beseitigten Infektion auch möglichst alle Passwörter zu ändern. Abschließend ein ganz wichtiger Punkt: Absicherung des Rechners, aktualisieren der Programme siehe http://www.trojaner-board.de/96344-a...tml#post627442
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Mystart.incredibar entfernen |
| administrator, anti-malware, appdata, applaus, autostart, dateien, desktop, entfernen, explorer, firefox, google, home, internet, internet browser, internet explorer, logdatei, malwarebytes, microsoft, mozilla, neue, ordner, rechner, registrierungsdatenbank, scan, software, vista, windows, windows vista |
Linear-Darstellung
